[ngw] non-NDS users sending outbound

Joe Acquisto joe.acquisto at gmail.com
Wed Apr 14 20:40:15 UTC 2010 

No, not really.

You need to be able to talk to GWIA on port 25 from *outside* (public
ipaddresses) , or mail will not be delivered to you.

There is, generally, no need to talk to GWIA on port 25 from *inside*
(private ipaddresses), so these should be blocked.  The POA(s) speak
to GWIA  in a different manner.

However, some places have internal hosts that send status messages,
etc, and these may go via GWIA.  If that is your shop, you need to
allow exceptions for those ip's.

joe a.

On Wed, Apr 14, 2010 at 4:19 PM, Maurice <mauricep at cds-cumberland.org> wrote:
> Okay...
>
> Talk with an IT buddy, got him to hit my Server from away...
> He can get to my Server!!!!
>
> So, I need to get to my Cisco ASA and allow on traffic on port 25 from an
> internal address???
> Is that the correct thinking??
>
>
>
>
> -Maurice Pelletier
> Child Development Services - Cumberland County
> 50 Depot Road
> Falmouth, ME 04105
> 207-781-8881 (voice)
> 207-781-8855 (fax)
>
> www.cds-cumberland.org
>
>
> "Linux -- it's not just for breakfast anymore..."
> -Moe
>
> CONFIDENTIALITY NOTICE: This communication (including any attachments) may
> contain privileged or confidential information intended for a specific
> individual and purpose, and is protected by law. If you are not the intended
> recipient, you should delete this communication and/or shred the materials
> and any attachments and are hereby notified that any disclosure, copying, or
> distribution of this communication, or the taking of any action based on it,
> is strictly prohibited. Thank you.
>
>
> On 04/14/2010 03:28 PM, Danita Zanre wrote:
>
> Can you check your POA log when this is happening?  You might actually have
> someone who has hacked a userid/password and are actually authenticating to
> the GWIA to send the junk.
>
> On Wed, Apr 14, 2010 at 1:24 PM, Maurice <mauricep at cds-cumberland.org>
> wrote:
>>
>> All the traffic appears to be at the GWIA level, when I ran my report
>> for PO usage there's a listing without a GW User Domain or GW User PO
>> identifier but the total listed matches the offending User in the
>> Outbound report.
>>
> --
> Danita Zanrè
> Keep in touch!
> http://www.twitter.com/GWGoddess
> http://www.facebook.com/Caledonia.net
> http://www.linkedin.com/in/danitazanre
>
>
> _______________________________________________
> ngw mailing list
> ngw at ngwlist.com
> http://ngwlist.com/mailman/listinfo/ngw
>
>
> _______________________________________________
> ngw mailing list
> ngw at ngwlist.com
> http://ngwlist.com/mailman/listinfo/ngw
>
>

More information about the ngw mailing list